vulnerability

Ubuntu: USN-6948-1 (CVE-2020-28972): Salt vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:P/I:N/A:N)	02/27/2021	08/09/2024	11/15/2024

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:N)

Published

02/27/2021

Added

08/09/2024

Modified

11/15/2024

Description

In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate.

Solution

ubuntu-pro-upgrade-salt-common

References

CVE-2020-28972
https://attackerkb.com/topics/CVE-2020-28972
DEBIAN-DSA-5011
UBUNTU-USN-6948-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today